Server Administration & Management

Wake-on-LAN is a useful feature on most network cards that allows you to remotely boot up a computer. The ethtool utility (found in the ethtool RPM) can tell you if your network card supports Wake-on-LAN:

Look for the “Supports Wake-on” line. It should list one or more letters, including “g” (WoL using Magic Packet). In the example above, Wake-on-LAN is currently disabled (“d”). The Wake-on-LAN setting does not persist. It needs to be configured every time the machine boots. On RHEL, this is usually done from /etc/init.d. Create a script called /etc/init.d/wol with the following content:

The script will now be run on every reboot. You can check the result using ethtool eth0; it should now display “Wake-on: g“.

You should now be able to shutdown your computer, and wake it by sending a “WoL Magic Packet” from another computer. On Linux, use ether-wake (from the net-tools RPM) or wol (from the wol RPM) to send the Magic Packet:

By mistake, when you shutdown a system instead of rebooting, you can use Wakeonlan to power on the server remotely. Also, If you have a server that don’t need to be up and running 24×7, you can turn off and turn on the server remotely anytime you want. This article gives a brief overview of Wake-On-LAN and instructions to set up Wakeonlan feature.

Overview of Wake-On-LAN

You can use Wakeonlan when a machine is connected to LAN, and you know the MAC address of that machine.
Your NIC should support wakeonlan feature, and it should be enabled before the shut down. In most cases, by default wakeonlan is enabled on the NIC. When the system crashes because of power failure, for the first time you cannot switch on your machine using this facility. But after the first first boot you can use wakeonlan to turn it on, if the server gets shutdown for some reason. WakeonLan is also referred as wol.

Check whether wol is supported on the NIC, Execute the following ethtool command in the server which you want to switch ON from a remote place.

If Supports Wake-on is g, then the support for wol feature is enabled on the NIC card. Enabling wol option on the Ethernet Card. By default the Wake-on will be set to g in most of the machines. If not, use ethtool to set the g flag to the wol option of the NIC card as shown below.

# ethtool -s eth0 wol g

Note: You should execute ethtool as root, else you may get following error message.

Finally, Switch ON the machine remotely without physical access. When the server is not up, execute the following command from another machine which is connected to the same LAN. Once the magic packet is sent, the remote system will start to boot.

The MBR (master boot record) is located at cylinder 0, head 0, and sector 1. It’s the very first sector of the hard drive and it is 512 bytes in size. When the BIOS boot your machine it looks in the MBR for information on your partitions and the initial boot loader. The MBR contains a partition table and boot code. The boot code executes and then transfers the process to the boot loader program on your active (bootable) partition. We can take the backup of MBR either to a floppy disk or to a CDROM.

Suhosin was designed to protect your servers against a number of well known problems in PHP applications and
on the other hand against potential unknown vulnerabilities within these applications or the PHP core itself including wordpress and many other open source php based apps. Install Suhosin as extension

1. Download latest version of Suhosin, enter the following command for that purpose

daily :- rotates the catalina.out dailyrotate 7 :- keeps at most 7 log filescompress :- compresses the rotated filessize 10M :- rotates if the size of catalina.out is bigger than 10Mcopytruncate :- Truncate the original log file in place after creating a copy, instead of moving the old log file and optionally creating a new one, It can be used when some program can not be told to close its logfile and thus might continue writing (appending) to the previous log file forever. Note that there is a very small time slice between copying the file and truncating it, so some logging data might be lost. When this option is used, the create option will have no effect, as the old log file stays in place.

This method works only if there is no password currently assigned for the root account. If you don’t have any password assigned to the root account, set the password without giving current password as shown below.
# mysqladmin -u root password ‘newpassword’ [Note: There is no currentpassword for root in this example]

Here is following steps to generating a Certificate Signing Request (CSR) Generation Instructions – Apache 2.x Web server. When you have completed generating your CSR, cut/copy and paste it into the CSR field on the SSL certificate-request page.

Common Name: The fully-qualified domain name, or URL, you’re securing. If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.coolexample.com.

If you do not want to enter a password for this SSL, you can leave the Passphrase field blank. However, please understand there might be additional risks. Open the CSR in a text editor and copy all of the text. Paste the full CSR into the SSL enrollment form in your account.